Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar
MD5: dd8ce0ace5aa4fede90df2633c241206
SHA1: 1d4fa1685c7207f2a689f2d4b27d8d7cd287c51e
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/jline/jline32.dll
MD5: b3d9a08ff70440ba3638a325512f2cd8
SHA1: 67a55d8f8ca4937d784d4334e554770adc2a1079
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/jline/jline64.dll
MD5: d2f7b0db1231aac1846a857f5c0c4f2c
SHA1: e297e4e990ce820e64d41f3f27b9be90283f3f96
Description: A library for summarizing data in streams for which it is infeasible to store all events
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.clearspring.analytics/stream/pom.xml
Description: Fast, efficient Java serialization
License:
New BSD License: http://www.opensource.org/licenses/bsd-license.phpFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.esotericsoftware.kryo/kryo/pom.xml
Description: Core annotations used for value types, used by Jackson data binding package.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.fasterxml.jackson.core/jackson-annotations/pom.xml
MD5: 556310b593b9688b85686409e0bd5377
SHA1: 2b75fa41636e5d02edc961ee9c68e6f041dc85a9
Description: Core Jackson abstractions, basic JSON streaming API implementation
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.fasterxml.jackson.core/jackson-core/pom.xml
MD5: 24b2f56ad44f91da97dbf7648acd3cf7
SHA1: 408556c26b025a57f0a82019491b942d60957a18
Description: General data-binding functionality for Jackson: works on core streaming API
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.fasterxml.jackson.core/jackson-databind/pom.xml
MD5: 3c0c5b70016d8f220e670c11497659cb
SHA1: f0e76f5145875be3a1d441839b60653775331c7a
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.github.fommil.netlib/core/pom.xml
MD5: d53bf4304b93cc0e780b65eae919e211
SHA1: ebdd06bd2ac4b5c65ed4d4e3245c029076cf2f61
Description: JTransforms is the first, open source, multithreaded FFT library written in pure Java. Benchmark results show better performance than FFTW.
License:
MPL: http://www.mozilla.org/MPL/2.0/index.txt LGPL: http://www.gnu.org/licenses/lgpl-2.1.txt GPL: http://www.gnu.org/licenses/gpl-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.github.rwl/jtransforms/pom.xml
Description:
Protocol Buffers are a way of encoding structured data in an efficient yet
extensible format.
License:
New BSD license: http://www.opensource.org/licenses/bsd-license.phpFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.google.protobuf/protobuf-java/pom.xml
Description: XML Builder is a utility that creates simple XML documents using relatively sparse Java code
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.jamesmurty.utils/java-xmlbuilder/pom.xml
Description:
Compression codec for LZF encoding for particularly encoding/decoding, with reasonable compression.
Compressor is basic Lempel-Ziv codec, without Huffman (deflate/gzip) or statistical post-encoding.
See "http://oldhome.schmorp.de/marc/liblzf.html" for more on original LZF package.
License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.htmlFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.ning/compress-lzf/pom.xml
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.istack/istack-commons-runtime/pom.xml
MD5: 0c28feff2d26074648ad5c982b8db9f8
SHA1: 62c0e02bf7fd993d1e04984f0637a528d8f0c695
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.jersey.contribs/jersey-guice/pom.xml
MD5: d5c5e834034d6df1c2ef7d1ab8f59b81
SHA1: fcf1567c21582266ca6d072c44a2f46051244c80
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.jersey/jersey-client/pom.xml
MD5: c71dcfe4616d5fe2a16e02614aec51c5
SHA1: b7ff264ca57b1ab1884d31b56c0772213a701fb3
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.jersey/jersey-core/pom.xml
MD5: 63b5375dce75d7bd8d6e5150b2aa590e
SHA1: 8271f8493cd794ff5404f96751589afb89871857
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.jersey/jersey-json/pom.xml
MD5: 68d3f040f9ad6b07ef3d8d7f00f939a6
SHA1: 82e32a9a573c5ff97b08c031f00d093aa4dc2b0f
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.jersey/jersey-server/pom.xml
MD5: 13f4e10cd6a4e159c9f68e7cddfd4e40
SHA1: f6b5a2bcbb3e21a70a25169b053b4fd7aad26b36
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.xml.txw2/txw2/pom.xml
MD5: cf4b1041a961856b9c0a5c3846c602fe
SHA1: 145b0c8dc9d0205ea46c44a3be6c1911d4e30e81
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.thoughtworks.paranamer/paranamer/pom.xml
MD5: ff05079395761cfbd2e565163314e9d6
SHA1: 2a4b5a8bcec659bdda6167c18f76d4c2e53ec9c7
Description:
Commons CLI provides a simple API for presenting, processing and validating a command line interface.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/commons-cli/commons-cli/pom.xml
MD5: 98d0e8bed14d623fe40e4975ad351253
SHA1: e1b71e4b511c3c63f8b19d0302fe1d1c6e79035a
Description:
The Apache Commons Codec package contains simple encoder and decoders for
various formats such as Base64 and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/commons-codec/commons-codec/pom.xml
MD5: a7949292fa7a8f3333808e30ad7bbb90
SHA1: 44b9477418d2942d45550f7e7c66c16262062d0e
Description: Types that extend and augment the Java Collections Framework.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/commons-collections/commons-collections/pom.xml
MD5: 602190bb9bd6a1ff3c9b47b58e4ce76a
SHA1: c812635cfb96cd2431ee315e73418eed86aeb5e4
Description:
Tools to assist in the reading of configuration/preferences files in
various formats
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/commons-configuration/commons-configuration/pom.xml
MD5: b0214986053b26c00e26d59242f45313
SHA1: 0131633433e1c983ba12e35cf92791fc32c9fb77
Description:
The Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/commons-io/commons-io/pom.xml
MD5: a75b48557fe5da29195020755a5b1be7
SHA1: 9ece23effe8bce3904f3797a76b1ba6ab681e1b9
Description:
Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/commons-lang/commons-lang/pom.xml
MD5: cca9ee287cb26a44a2f65450a24957cd
SHA1: 347d60b180fa80e5699d8e2cb72c99c93dda5454
Description:
A collection of network utilities and protocol implementations.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/commons-net/commons-net/pom.xml
MD5: fcb33819059fe8237861fcf2ef2f9d87
SHA1: 61e0206d82ed0cbc15d7970463e403ef8da2888f
Description:
Metrics is a Java library which gives you unparalleled insight into what your code does in
production. Metrics provides a powerful toolkit of ways to measure the behavior of critical
components in your production environment.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/io.dropwizard.metrics/metrics-core/pom.xml
MD5: 7caf72e1d925192be57c79302116c07e
SHA1: 844fddfc2be351b18de35484fb95db95274ad75b
Description:
A reporter for Metrics which announces measurements to a Graphite server.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/io.dropwizard.metrics/metrics-graphite/pom.xml
MD5: 107e699b493f7060aba8dc7a4b863578
SHA1: d9d14a5d4613220446d4fea823bc711ed7b235a2
Description:
A set of Jackson modules which provide serializers for most Metrics classes.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/io.dropwizard.metrics/metrics-json/pom.xml
MD5: 6ef4df90a43cf135a72dc883ee649a31
SHA1: 3db29296d98bdb131d09d8195610a92873572a27
Description:
A set of classes which allow you to monitor critical aspects of your Java Virtual Machine
using Metrics.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/io.dropwizard.metrics/metrics-jvm/pom.xml
MD5: cb24386f319b1dfcd81aeb1e045eb907
SHA1: ea02ded41dbe42179dd036bf4d6024903d4da32d
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/io.netty/netty-all/pom.xml
MD5: f8d9b5d51bd92d174f3a7a802b9da36c
SHA1: 6565ef0245ed6b56c78aec44b0df1c0f6fc6e71d
Description:
The Netty project is an effort to provide an asynchronous event-driven
network application framework and tools for rapid development of
maintainable high performance and high scalability protocol servers and
clients. In other words, Netty is a NIO client server framework which
enables quick and easy development of network applications such as protocol
servers and clients. It greatly simplifies and streamlines network
programming such as TCP and UDP socket server.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/io.netty/netty/pom.xml
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/javax.mail/mail/pom.xml
MD5: a99f0944ed5f4cb1467b9776a613d4d8
SHA1: 595a58508006f4a0db61483050d8537e093247f6
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
** DISPUTED ** Javamail does not properly handle a series of invalid login attempts in which the same e-mail address is entered as username and password, and the domain portion of this address yields a Java UnknownHostException error, which allows remote attackers to cause a denial of service (connection pool exhaustion) via a large number of requests, resulting in a SQLNestedException. NOTE: Sun disputes this issue, stating "The report makes references to source code and files that do not exist in the mentioned products."
Vulnerable Software & Versions:
Description: JLine is a java library for reading and editing user input in console applications. It features tab-completion, command history, password masking, customizable keybindings, and pass-through handlers to use to chain to other console applications.
License:
BSD: LICENSE.txtFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/jline/jline/pom.xml
Description: Apache Log4j 1.2
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/log4j/log4j/pom.xml
Description: A Java class providing very fast Base64 encoding and decoding
in the form of convenience methods and input/output streams.
License:
Public domainFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/net.iharder/base64/pom.xml
Description: Toolkit for Amazon S3, Amazon CloudFront, and Google Storage Service.
License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/net.java.dev.jets3t/jets3t/pom.xml
Description: This library allows your Java program to interface very easily with the Python world. It uses the Pyro protocol to call methods on remote objects. (See https://github.com/irmen/Pyro4). To that end, it also contains and uses a feature complete pickle protocol implementation -read and write- to exchange data with Pyro/Python.
Pyrolite only implements part of the client side Pyro library, hence its name 'lite'... But because Pyrolite has no dependencies, it is a much lighter way to use Pyro from Java/.NET than a solution with jython+pyro or IronPython+Pyro would provide. So if you don't need Pyro's full feature set, and don't require your Java/.NET code to host Pyro objects itself, Pyrolite may be a good choice to connect java or .NET and python.
License:
MIT License: https://raw.githubusercontent.com/irmen/Pyrolite/master/LICENSEFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/net.razorvine/pyrolite/pom.xml
Description: A simple library for reading and writing CSV in Java
License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/net.sf.opencsv/opencsv/pom.xml
Description: Py4J enables Python programs running in a Python interpreter to dynamically access Java objects in a Java Virtual Machine. Methods are called as if the Java objects resided in the Python interpreter and Java collections can be accessed through standard Python collection methods. Py4J also enables Java programs to call back Python objects.
License:
The New BSD License: http://www.opensource.org/licenses/bsd-license.htmlFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/net.sf.py4j/py4j/pom.xml
Severity:
Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
CWE: CWE-189 Numeric Errors
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C)
CWE: CWE-20 Improper Input Validation
Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-310 Cryptographic Issues
Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 via UTF-7 encoding.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.
Vulnerable Software & Versions: (show all)
Description: Avro core components
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.avro/avro/pom.xml
MD5: 7c004a4bda0f0c7a14d273e3f2c7e0a3
SHA1: f4079d2b0a549d1e46f6eee0a8dc5a4cbf2d7c11
Description:
Apache Commons Compress software defines an API for working with compression and archive formats.
These include: bzip2, gzip, pack200, xz and ar, cpio, jar, tar, zip, dump.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.commons/commons-compress/pom.xml
MD5: e8496e82a63646dc67f25d233502b6fd
SHA1: bf8a105706b3e1e6c32bebaaa40874af967cf69d
Description:
Apache Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.commons/commons-lang3/pom.xml
MD5: ec3de80a686a2964ac018e3df13adf22
SHA1: 932ed8226f371b204d04a8c4d3d5fe0f2b26339f
Description: The Apache Commons Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.commons/commons-math3/pom.xml
MD5: 472b461fe9768ab43b86748749919b49
SHA1: 98fbde3ba4f322d6c495f594491343aaafbb8833
Description: Low-level API
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.curator/curator-client/pom.xml
MD5: 9641670c2391e9ee5244a3d64888cef6
SHA1: 9dda17baa31a3dfc89a5d15ccdb391502c9ab12d
Description: High-level API that greatly simplifies using ZooKeeper.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.curator/curator-framework/pom.xml
MD5: 3145dd84f94bed098c3681800a7e07ab
SHA1: aa2cfd86b8b068a592d7242e51804b7a2bda28ea
Severity:
Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-255 Credentials Management
Apache Zookeeper logs cleartext admin passwords, which allows local users to obtain sensitive information by reading the log.
Vulnerable Software & Versions: (show all)
Description: All of the recipes listed on the ZooKeeper recipes doc (except two phase commit).
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.curator/curator-recipes/pom.xml
MD5: a990b664250fb1dd625ff71c9a5133bd
SHA1: e33a3f0d56fd28ea1e8adc4c7b6367cf92848111
Description:
HttpComponents Client
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.httpcomponents/httpclient/pom.xml
MD5: a0fb2623ceae4c17326805805175bad6
SHA1: f244cc11ee888468a7341b465a0c5ff6ad94445a
Severity:
Medium
CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.
Vulnerable Software & Versions: (show all)
Description:
HttpComponents Core (blocking I/O)
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.httpcomponents/httpcore/pom.xml
MD5: b0e72908c12d626856d4c2f9ce5a6ac6
SHA1: 13ec787d4bace3aa44734f4196cb659041785339
Description: The Apache Mesos Java API jar.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.mesos/mesos/pom.xml
MD5: 9780e8a6181638817cfadda75abcefb9
SHA1: 29b4fe7cf5f71fc7dd42e4a23352c9b8afe01b1d
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.parquet/parquet-column/pom.xml
MD5: b9b3035b99aac7235eac137d2dd57bcc
SHA1: d116280b2ee77f1b14d3d35c8161ca255bda5ec1
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.parquet/parquet-common/pom.xml
MD5: b123e0cd84bf7f92d7393b07e07c2141
SHA1: a2649bac487825611752b476aa71974aaa052b41
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.parquet/parquet-encoding/pom.xml
MD5: dc1898ab9a2cee011893e7805da33bcf
SHA1: d46b8732c3ff5c65abe63ce48ff09e7583ecf20a
Description: Parquet is a columnar storage format that supports nested data. This provides all generated metadata code.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.parquet/parquet-format/pom.xml
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.parquet/parquet-generator/pom.xml
MD5: 0fa86a30d540f40a76d1f756c04d5ccf
SHA1: 835e14d349a9bc0e554bfc398bdcb946b230e416
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.parquet/parquet-jackson/pom.xml
MD5: 966c342e267489c18c79ace0cdbda0e0
SHA1: 8f8729397489d0ac573f0020edae81c2054412aa
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.spark/spark-launcher_2.10/pom.xml
MD5: 2be90451be3034cec79abcda6344ed49
SHA1: ec313187b08c397292c8232249e94686e190f48f
Description: A StAX implementation for JSON.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.codehaus.jettison/jettison/pom.xml
MD5: e23290d6b5cd6ed14bbf828665818a7f
SHA1: a0b077aade943e9a7d2539439645e23fe8a9441c
Description: The API that projects using HawtJNI should build against.
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.fusesource.hawtjni/hawtjni-runtime/pom.xml
MD5: 1394f8245cf4da89871194a82f5d250a
SHA1: a14d70da4f46447542e198dbb305324ae4f38951
Description: Jansi is a java library for generating and interpreting ANSI escape sequences.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.fusesource.jansi/jansi-native/pom.xml
Description: jansi is a java library for generating and interpreting ANSI escape sequences.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.fusesource.jansi/jansi/pom.xml
Description: JPMML Java agent for class model
License:
BSD 3-Clause License: http://opensource.org/licenses/BSD-3-ClauseFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.jpmml/pmml-agent/pom.xml
Description: JPMML class model
License:
BSD 3-Clause License: http://opensource.org/licenses/BSD-3-ClauseFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.jpmml/pmml-model/pom.xml
Description: JPMML schema annotations for class model
License:
BSD 3-Clause License: http://opensource.org/licenses/BSD-3-ClauseFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.jpmml/pmml-schema/pom.xml
Description: Jetty server core
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.mortbay.jetty/jetty/pom.xml
MD5: 176e0f5ea87f57f6489669b9ab3aa1be
SHA1: 402cdb578cdfc753f22252f8e27602f2f95e8823
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-310 Cryptographic Issues
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Vulnerable Software & Versions: (show all)
Description: Roaring bitmaps are compressed bitmaps (also called bitsets) which tend to outperform
conventional compressed bitmaps such as WAH or Concise.
License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.roaringbitmap/RoaringBitmap/pom.xml
Description: JCL 1.1.1 implemented over SLF4J
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.slf4j/jcl-over-slf4j/pom.xml
MD5: de4102c4199555b31f65904ea9030194
SHA1: 716606699cc31726a4c8c48ca58926a8fea15e25
Description: JUL to SLF4J bridge
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.slf4j/jul-to-slf4j/pom.xml
MD5: 73d3ac358f4047eb93ea213e13e00180
SHA1: eb1bfbab4543269c2c8a66b2f0052418366b757d
Description: The slf4j API
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.slf4j/slf4j-api/pom.xml
MD5: fd303b600a9acba746fe42b1e2d6d566
SHA1: e5247e58569e3386a67622e01fcbf189ea902cbf
Description: SLF4J LOG4J-12 Binding
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.slf4j/slf4j-log4j12/pom.xml
MD5: 4400f7a47130dcb501af32edce50a2ea
SHA1: 283a5d3af5a9e05b4c8f305e03b51326e3292e15
Description: Tachyon Project Client
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.tachyonproject/tachyon-client/pom.xml
MD5: 8920fc2a8a9f5170ad0dd3ee021ac621
SHA1: 351bc97dc93d92bf02052f62b85b8ee02a871497
Description: Tachyon: A Reliable Memory Centric Distributed Storage System
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.tachyonproject/tachyon/pom.xml
MD5: 362a1e58269301c5ea71a946be8539db
SHA1: 64add76b0ff6ef1b48a5e61a0ddd18f80e8b4dea
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/native/windows32/jansi.dll
MD5: a66de9637f25c66a1fcb480177d27a3d
SHA1: 9d74112a1fbc93475a8b3e86f04b1d61209adab1
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/native/windows64/jansi.dll
MD5: 3466b8d69a6056fb0cc354d643e0bfa7
SHA1: 25066abe1a1c305a632e8abbcc8e4fd55c4c0372
Description: Minimal overhead Java logging
License:
New BSD License: http://www.opensource.org/licenses/bsd-license.phpFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/minlog-1.2.jar
Description: A library for instantiating Java objects
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/objenesis-1.2.jar
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/org/xerial/snappy/native/Windows/x86/snappyjava.dll
MD5: c35f7d232d05fd0b8440153cb4224a5a
SHA1: 45b5f3fdd2bac156b8d100ce2c29ac7126454fef
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/org/xerial/snappy/native/Windows/x86_64/snappyjava.dll
MD5: eae816277d795d3397f08ad43d236576
SHA1: 283068f6b5cd8bb3449867558624fe19c432d909
Description: High performance Java reflection using code generation
License:
New BSD License: http://www.opensource.org/licenses/bsd-license.phpFile Path: /Users/skinzer/Documents/Github/spark/assembly/target/scala-2.10/spark-assembly-1.5.0-SNAPSHOT-hadoop2.4.0.jar/reflectasm-1.07-shaded.jar
File Path: /Users/skinzer/Documents/Github/spark/assembly/target/spark-assembly_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 914272f95200cd2ddb9b0730ab0e4a86
SHA1: e72861b0518fe1fc6d9edbb0054833c421e53ea0
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/bagel/target/original-spark-bagel_2.10-1.5.0-SNAPSHOT.jar
MD5: 2e63fe19bd433be7b5fecacb7a5b5095
SHA1: 88c5c3c7a5ce2469e102dcc75bcbfdcb7097b580
File Path: /Users/skinzer/Documents/Github/spark/bagel/target/spark-bagel_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 97e3696fa57b93c6f04db5fe2d0ba9e7
SHA1: dc0ba143b83856ba1349b712e926c9bff66dd0ef
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/bagel/target/spark-bagel_2.10-1.5.0-SNAPSHOT.jar
MD5: 5643265eb6b331797b208cca85fb5cb1
SHA1: 008481e630b62bb29e3d2f018f6288fa089467dc
License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/bagel/target/spark-bagel_2.10-1.5.0-SNAPSHOT.jar/META-INF/maven/org.spark-project.spark/unused/pom.xml
Description: akka-actor
License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/lib/akka-actors.jar
Description: Like readline, but better
License:
BSD-like: http://www.scala-lang.org/downloads/license.html The BSD License: http://www.opensource.org/licenses/bsd-license.phpFile Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/lib/jline.jar
Description: scala-actors-migration
License:
BSD-like: http://www.scala-lang.org/downloads/license.htmlFile Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/lib/scala-actors-migration.jar
File Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/lib/scala-actors.jar
MD5: f6d167dac4e88022bbc83f3329d93721
SHA1: a06f44be56317d965593e169a48a53a8b209c2ef
File Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/lib/scala-compiler.jar
MD5: 00b2989abf894903aa15a0d51414745c
SHA1: e20f6bed9fd598b779b78910143bfe5e75d3754f
File Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/lib/scala-library.jar
MD5: 8abbc821359de521993a7b40b9e0ba48
SHA1: 3fb94da341e8ccc5affbe433a9bd65d092e2d7a9
File Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/lib/scala-reflect.jar
MD5: d2301ef0f59f3c76ce9c2ac32fdf9d5a
SHA1: 8e7bfcca34ac191bf03bde17685b7f78a062aa8c
File Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/lib/scala-swing.jar
MD5: 19a3959f5137edf4710fb0168017d36b
SHA1: 54764bb1ca0e1693ac38c13fef369bc51235efe0
File Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/lib/scalap.jar
MD5: 84e88d795af4def8f6882f6f8676c817
SHA1: 448bdadbfc2db368c1a1f48b0531c0094d90da3f
Description: config
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/lib/typesafe-config.jar
File Path: /Users/skinzer/Documents/Github/spark/build/scala-2.10.4/misc/scala-devel/plugins/continuations.jar
MD5: 6396833addd6d8a14fe88590ffbff8ee
SHA1: be90b8448adc26adbce0e3a284a03dacb9814f32
File Path: /Users/skinzer/Documents/Github/spark/build/zinc-0.3.5.3/bin/ng/win32/ng.exe
MD5: 5f59d34fe3f1221966cf284de8766719
SHA1: c45d719427160435cde4327fe073079cfdb1d6d3
License:
The BSD License: http://www.opensource.org/licenses/bsd-license.phpFile Path: /Users/skinzer/Documents/Github/spark/build/zinc-0.3.5.3/lib/incremental-compiler.jar
File Path: /Users/skinzer/Documents/Github/spark/build/zinc-0.3.5.3/lib/incremental-compiler.jar/META-INF/native/windows32/jansi.dll
MD5: 1e56641bb68937f8e2020cbff5d04a08
SHA1: 97f6e12599bb5848867b9762184d055ed918ab2a
File Path: /Users/skinzer/Documents/Github/spark/build/zinc-0.3.5.3/lib/incremental-compiler.jar/META-INF/native/windows64/jansi.dll
MD5: fd3a20891286c958103f3ea07174cd3c
SHA1: 829195c9e338d5725cf304ae33fc209db53884eb
Description:
Nailgun is a client, protocol, and server for running Java programs from
the command line without incurring the JVM startup overhead. Programs run
in the server (which is implemented in Java), and are triggered by the
client (written in C), which handles all I/O.
This project contains the SERVER ONLY.
File Path: /Users/skinzer/Documents/Github/spark/build/zinc-0.3.5.3/lib/nailgun-server.jar
MD5: fd7cf19b2088d1a58eef8cfa4ee26906
SHA1: d57ea0a6f6c1bb1b616c5b3b311b3726c6ff35ad
Description: sbt-interface
License:
BSD-style: http://www.opensource.org/licenses/bsd-license.phpFile Path: /Users/skinzer/Documents/Github/spark/build/zinc-0.3.5.3/lib/sbt-interface.jar
Description: Compiler for the Scala Programming Language
License:
BSD-like: http://www.scala-lang.org/downloads/license.htmlFile Path: /Users/skinzer/Documents/Github/spark/build/zinc-0.3.5.3/lib/scala-compiler.jar
Description: Standard library for the Scala Programming Language
License:
BSD-like: http://www.scala-lang.org/downloads/license.html
File Path: /Users/skinzer/Documents/Github/spark/build/zinc-0.3.5.3/lib/scala-library.jarDescription: Compiler for the Scala Programming Language
License:
BSD-like: http://www.scala-lang.org/downloads/license.htmlFile Path: /Users/skinzer/Documents/Github/spark/build/zinc-0.3.5.3/lib/scala-reflect.jar
Description: zinc
License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0File Path: /Users/skinzer/Documents/Github/spark/build/zinc-0.3.5.3/lib/zinc.jar
Description:
Guava is a suite of core and expanded libraries that include
utility classes, google's collections, io classes, and much
much more.
Guava has two code dependencies - javax.annotation
per the JSR-305 spec and javax.inject per the JSR-330 spec.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/core/target/jars/guava-14.0.1.jar
Description: Administrative parent pom for Jetty modules
License:
http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.phpFile Path: /Users/skinzer/Documents/Github/spark/core/target/jars/jetty-io-8.1.14.v20131031.jar
Description: Utility classes for Jetty
License:
http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.phpFile Path: /Users/skinzer/Documents/Github/spark/core/target/jars/jetty-util-6.1.26.jar
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-310 Cryptographic Issues
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/core/target/original-spark-core_2.10-1.5.0-SNAPSHOT.jar
MD5: 04da066932dacb34fbad9e380b204926
SHA1: 893db0f3db2ecee35a029e7652ed9ffce89aa187
File Path: /Users/skinzer/Documents/Github/spark/core/target/spark-core_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: a9a1229f6339f6c098faefff9183dfda
SHA1: e156ce4ed7a278d6b729fc7971a42d7364e66015
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/core/target/spark-core_2.10-1.5.0-SNAPSHOT.jar
MD5: ae30830d541c4b5f4f7250d74fc62240
SHA1: 5a44d4dfb2e793b3cc33a95be1d5f054747db0e5
Description: Asynchronous API
File Path: /Users/skinzer/Documents/Github/spark/core/target/spark-core_2.10-1.5.0-SNAPSHOT.jar/META-INF/maven/org.eclipse.jetty/jetty-continuation/pom.xml
MD5: b5d02f7f78a43fdc722279ff6646b2bc
SHA1: 31bbfc8404945b7012e1290908c49a03e39d3acb
File Path: /Users/skinzer/Documents/Github/spark/core/target/spark-core_2.10-1.5.0-SNAPSHOT.jar/META-INF/maven/org.eclipse.jetty/jetty-http/pom.xml
MD5: 94b10b9a196e58a28415ccf0b083e1fa
SHA1: c43469905687e851b7b6dc014890b6fffbc35b30
Description: Jetty JavaEE style services
File Path: /Users/skinzer/Documents/Github/spark/core/target/spark-core_2.10-1.5.0-SNAPSHOT.jar/META-INF/maven/org.eclipse.jetty/jetty-plus/pom.xml
MD5: 09bfbeb40e01373e68d3e34dc033a0ff
SHA1: 6ba1c237f966c35ae2bf10f2ad27a1195a12258b
Description: Jetty security infrastructure
File Path: /Users/skinzer/Documents/Github/spark/core/target/spark-core_2.10-1.5.0-SNAPSHOT.jar/META-INF/maven/org.eclipse.jetty/jetty-security/pom.xml
MD5: 7edd7612972c64b13472a2de6307aa9e
SHA1: 8f7cc17c759a2a468576cffb4a0f9ec4d4f4fed3
Description: The core jetty server artifact.
File Path: /Users/skinzer/Documents/Github/spark/core/target/spark-core_2.10-1.5.0-SNAPSHOT.jar/META-INF/maven/org.eclipse.jetty/jetty-server/pom.xml
MD5: fe4bbfaeac4a2e3cc3c19dc51be2120e
SHA1: 2c6768b7e906505a79003fed5fa986d6c96c44a3
Description: Jetty Servlet Container
File Path: /Users/skinzer/Documents/Github/spark/core/target/spark-core_2.10-1.5.0-SNAPSHOT.jar/META-INF/maven/org.eclipse.jetty/jetty-servlet/pom.xml
MD5: 9ea837019547c32a2fc4c1c4b9ad6bff
SHA1: 2f7844fa4c352de8f4c4ecef1dee88bf9a3adc4d
Description: Utility classes for Jetty
File Path: /Users/skinzer/Documents/Github/spark/core/target/spark-core_2.10-1.5.0-SNAPSHOT.jar/META-INF/maven/org.eclipse.jetty/jetty-util/pom.xml
MD5: 89d4ea6ce775a7638e24fb2d664548de
SHA1: c7cb37bd813f760375e05c6a9020f31fd6760dba
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar
MD5: de1b1e76d90605c0fda97273ae8e6e04
SHA1: 5462c82970c9470f173a09df6f3b04052ab4c2c1
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/com/sun/jna/win32-amd64/jnidispatch.dll
MD5: 68c23ca3f538d37e8a4df705af9ee5ef
SHA1: b7dd9ef094221148db9cc6ac9bfa0c5487654691
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/com/sun/jna/win32-x86/jnidispatch.dll
MD5: de9af41a7e0ad0dd7f83a5bc88d50d0f
SHA1: 564f040d9d4d0925166b3ed3f942afe6b0909312
Description: A set of platform constants (e.g. errno values)
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.github.jnr/jnr-constants/pom.xml
Description: A clean room implementation of the Findbugs Annotations based entirely on the specification provided
by the javadocs and at http://findbugs.sourceforge.net/manual/annotations.html.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.github.stephenc.findbugs/findbugs-annotations/pom.xml
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.github.stephenc.high-scale-lib/high-scale-lib/pom.xml
MD5: 3749c9d70420deabccf4f87ac6ecce0a
SHA1: 9d514564685b8b200bd81b9c219367c5bb75ebfa
Description:
Jamm provides MemoryMeter, a java agent to measure actual object memory use including JVM overhead.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.github.stephenc/jamm/pom.xml
Description: The bit array data structure is implemented in Java as the BitSet class. Unfortunately, this fails to scale without compression.
JavaEWAH is a word-aligned compressed variant of the Java bitset class. It uses a 64-bit run-length encoding (RLE) compression scheme.
The goal of word-aligned compression is not to achieve the best compression, but rather to improve query processing time. Hence, we try to save CPU cycles, maybe at the expense of storage. However, the EWAH scheme we implemented is always more efficient storage-wise than an uncompressed bitmap (implemented in Java as the BitSet class). Unlike some alternatives, javaewah does not rely on a patented scheme.
License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.googlecode.javaewah/JavaEWAH/pom.xml
Description: Lightweight connection pool.
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.jolbox/bonecp/pom.xml
MD5: 2796174d126cf78dc6962c7d335d5a6e
SHA1: 3c3559460f87fd3a9f8f0a7019a290a1d025ddd3
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.jersey.jersey-test-framework/jersey-test-framework-core/pom.xml
MD5: bff926d22443cbbb49621e0d763d4880
SHA1: 2a78759c1042709c03dd38244c156d13244d8ab5
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.jersey.jersey-test-framework/jersey-test-framework-grizzly2/pom.xml
MD5: 153de4cb1950e7567e5fcb5041a4f591
SHA1: 0c1ce032249173674cbd27471b20f9ed30da2dab
Description:
Grizzly 2.0 container for Jersey
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.jersey/jersey-grizzly2/pom.xml
MD5: 67afc1ed2e518459783108c2f087f1ab
SHA1: c93e508260d103cba5fa9a7554549f80264f7b70
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.sun.jersey/jersey-json/pom.xml
MD5: 62f9e617318f1899ee14a113c47b30f2
SHA1: 6ea1d417eebaf0f7a7dc1cc53539640130bd251f
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.twitter/parquet-column/pom.xml
MD5: eb6fa280ee0efd77ff3d4f176a98bbe4
SHA1: 39cc4afa3c8f9df5e0a8de7f9b73ea7b7c3855a8
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.twitter/parquet-common/pom.xml
MD5: 56842d1e33ca02d04b8f768a10cc50c1
SHA1: 20c8e543527f4199b548898bdb50aa2d562ab6c7
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.twitter/parquet-encoding/pom.xml
MD5: d915f35e4a7c2d08a355a0cc2e92b7c5
SHA1: 9087810019c3f7474299632e9dee51961df44a62
Description: Parquet is a columnar storage format that supports nested data. This provides all generated metadata code.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.twitter/parquet-format/pom.xml
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.twitter/parquet-generator/pom.xml
MD5: a1c7451dfb8b6143e6f5798f4383ad00
SHA1: b139b0bda594348b5ddbbf106e32203459a90784
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.twitter/parquet-hadoop-bundle/pom.xml
MD5: 5c7a5dc46bab227866c70ef66a1355bd
SHA1: 85cec05ce8d9cda5cc6ea1bccafa54350cb913d8
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.twitter/parquet-hadoop/pom.xml
MD5: 1040ad9eb1c141aa07f27d2c1a26341d
SHA1: ef85e3da07485ca6e71f966bc41395d74955feec
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.twitter/parquet-jackson/pom.xml
MD5: 3de3dcdfc780fc46a776f731d981d3aa
SHA1: 457a31af5e1cef88475d84644ea7c636f77b80c7
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/com.yammer.metrics/metrics-core/pom.xml
MD5: 5a780b66e4af803ffedea21b73974c97
SHA1: 295b78d3b8539bc17f6474090450f9982e31c188
Description:
Apache Commons Daemon software provides an alternative invocation mechanism for unix-daemon-like Java code.
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/commons-daemon/commons-daemon/pom.xml
MD5: 340f7877092d3bb7dc8cc60300e7d139
SHA1: 3d3d7ec55d18e08dab3fdd5adbe810ca2d6ed368
Description: Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems.
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/commons-logging/commons-logging/pom.xml
MD5: 976d812430b8246deeaf2ea54610f263
SHA1: 76672afb562b9e903674ad3a544cdf2092f1faa3
Description: The reference implementation of SnapTree,
a concurrent AVL tree with fast cloning, snapshots, and consistent
iteration.
License:
SNAPTREE LICENSE: https://raw.github.com/nbronson/snaptree/b198f84b0c927f6b5cdef080552fc26aa004d3ee/doc/LICENSEFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/edu.stanford.ppl/snaptree/pom.xml
License:
CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.htmlFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/javax.servlet/javax.servlet-api/pom.xml
Description: Javolution - Java Solution for Real-Time and Embedded Systems.
This project uses template classes to generates java code for various versions
of the Java run-time (e.g. J2ME, 1.4, GCJ, 1.5). The default maven compilation
builds OSGI bundle for Java 1.5+ (parameterized classes).
For others targets the ant script should be used directly (e.g. "ant j2me").
License:
BSD License: http://javolution.org/LICENSE.txtFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/javolution/javolution/pom.xml
Description: Date and time library to replace JDK date handling
License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/joda-time/joda-time/pom.xml
Description: A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.antlr/antlr-runtime/pom.xml
MD5: e29658e686e9ff6ff6cc11eec39c798d
SHA1: f17559949c44edf8a8269187e3cbfe6bd45de315
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.antlr/antlr/pom.xml
MD5: a26221f490f71ad11aa203127a3db831
SHA1: 7c1d4b928af931b2fd48e743fae5918dc48d7abf
Description: StringTemplate is a java template engine for generating source code,
web pages, emails, or any other formatted text output.
StringTemplate is particularly good at multi-targeted code generators,
multiple site skins, and internationalization/localization.
It evolved over years of effort developing jGuru.com.
StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org
and powers the ANTLR v3 code generator. Its distinguishing characteristic
is that unlike other engines, it strictly enforces model-view separation.
Strict separation makes websites and code generators more flexible
and maintainable; it also provides an excellent defense against malicious
template authors.
There are currently about 600 StringTemplate source downloads a month.
License:
BSD licence: http://antlr.org/license.htmlFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.antlr/ST4/pom.xml
Description: StringTemplate is a java template engine for generating source code,
web pages, emails, or any other formatted text output.
StringTemplate is particularly good at multi-targeted code generators,
multiple site skins, and internationalization/localization.
It evolved over years of effort developing jGuru.com.
StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org
and powers the ANTLR v3 code generator. Its distinguishing characteristic
is that unlike other engines, it strictly enforces model-view separation.
Strict separation makes websites and code generators more flexible
and maintainable; it also provides an excellent defense against malicious
template authors.
There are currently about 600 StringTemplate source downloads a month.
License:
BSD licence: http://antlr.org/license.htmlFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.antlr/stringtemplate/pom.xml
Description: Avro inter-process communication components
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.avro/avro-ipc/pom.xml
MD5: c08ce39ba9595c7d68e052e79eb7b724
SHA1: d32edbecc7dbee3a36281c7e1c9b9f305fee73d8
Description: The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.commons/commons-math/pom.xml
MD5: f387c9e435f444bc4ce69bda53d26414
SHA1: a887e87d7f5143f882099e71c2c3606a8ee43d1d
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.flume/flume-ng-configuration/pom.xml
MD5: 283a5be9b039f6913e803b3789459539
SHA1: c0f31d7acbe6316e27b418289c854d57bc6c0ef7
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.flume/flume-ng-core/pom.xml
MD5: cf5fa723137f0ac0fdd39545ae882d9e
SHA1: b5aaf28bd24b541e1cc4f14e6c79419856042b9e
Description: Flume Software Development Kit: Stable public API for integration with Flume 1.x
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.flume/flume-ng-sdk/pom.xml
MD5: 6886759b7d32f89fb89c81f905c542c1
SHA1: be7aaa05918f1c9e3f8d536c25f327129d0586da
Description: Client of HBase
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.hbase/hbase-client/pom.xml
MD5: 1deab5840223447ffea3a067f6a69fc3
SHA1: a20da90fe00a467dad81bc9cecb913313f3dc63f
Description: Common functionality for HBase
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.hbase/hbase-common/pom.xml
MD5: c1180f6b8f0dc06fe1ae292ec34be437
SHA1: 022963eea1cf6794b58dfcbc64cabe74d6a4dacb
Description: Prefix Tree Data Block Encoder
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.hbase/hbase-prefix-tree/pom.xml
MD5: 9d945dd55227a4908443e0623dbf7c63
SHA1: f27c2df8dfce80398d9239906fdbba30a4b5a4a5
Description: Protobuf protocol classes used by HBase to communicate.
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.hbase/hbase-protocol/pom.xml
MD5: 58a4995d40bb3677ace914f8164bf557
SHA1: 4a1ac8a4fd3dbccf81f698308ed585a3e6b1d9c3
Description: Main functionality for HBase
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.hbase/hbase-server/pom.xml
MD5: 7428d097a55b391a3721dea86edc23df
SHA1: df5e9fe92afeba1a83e1cc114fe8e724ed2dcb16
Description: HBase Testing Utilities.
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.hbase/hbase-testing-util/pom.xml
MD5: 4085ed432a5e6729dd2f4532ceaa7c8f
SHA1: 989095f1f1d432299f8525296c96a368641867aa
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.apache.mina/mina-core/pom.xml
MD5: b2f69ec324b64b206b166d329db78acc
SHA1: 5394b76d980e3b16f146540f445fcf822a5c1e97
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.cloudera.htrace/htrace-core/pom.xml
MD5: ddf7a10851d02fb42d1e1b6dd9dff2b2
SHA1: ce5eb9a68b3bb381dd4ae8da8c8ea516c21ce857
Description:
Plugin providing DataNucleus implementation of the JDO API.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.datanucleus/datanucleus-api-jdo/pom.xml
Description:
DataNucleus Core provides the primary components of a heterogenous Java persistence solution.
It supports persistence API's being layered on top of the core functionality.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.datanucleus/datanucleus-core/pom.xml
Description:
Plugin for DataNucleus providing persistence to RDBMS datastores.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.datanucleus/datanucleus-rdbms/pom.xml
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.eclipse.paho/org.eclipse.paho.client.mqttv3/pom.xml
MD5: 51b5a7b46dd235f9f35ec8d2840ea723
SHA1: 6bb8acb29a14977cdc704432044fafb77d6e3d8f
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.glassfish.grizzly/grizzly-framework/pom.xml
MD5: 30ac9624844481a26735334d692ec562
SHA1: a9579b89627da069449ee62cf803fc2bd8d4ced7
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.glassfish.grizzly/grizzly-http-server/pom.xml
MD5: cf7df94ac36dd5a8e37d895b6874c310
SHA1: 4e6f24e7132800e521f7feddfc9920bc9e8ad5ad
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.glassfish.grizzly/grizzly-http-servlet/pom.xml
MD5: 9a48f63c3071bbe3db019a0f1b7a3f0c
SHA1: 6634bc90dbf4274e1a30c0a7f6354ac9dcadc164
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.glassfish.grizzly/grizzly-http/pom.xml
MD5: 6e7865db9ae1acb68701841e74ed6a04
SHA1: c018c86075eb107fd3a35c7c0c4ecf984ac1e355
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.glassfish.grizzly/grizzly-rcm/pom.xml
MD5: e52b007943d596254f4bc6c1796b9894
SHA1: 5517e84c04411c3088575637198c2a1dad2ca576
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.glassfish/javax.servlet/pom.xml
MD5: 6fd692f340fff60762f667d33ab446b6
SHA1: d4fdd3ba89e7146b6748faf88a87f6f0a621cc0f
Description: Port of Snappy to Java
License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.htmlFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.iq80.snappy/snappy/pom.xml
Description: Jamon runtime support classes
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.jamon/jamon-runtime/pom.xml
MD5: 7dc403f7c0d98ad4d6d76a68963b0a54
SHA1: 1602e9af06ed56d4943253ff002ac0b52b9261e8
Description:
Byte based encoding support library for java
License:
MIT License: http://www.opensource.org/licenses/mit-license.phpFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.jruby.jcodings/jcodings/pom.xml
Description:
Java port of Oniguruma: http://www.geocities.jp/kosako3/oniguruma
that uses byte arrays directly instead of java Strings and chars
License:
MIT License: http://www.opensource.org/licenses/mit-license.phpFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.jruby.joni/joni/pom.xml
Description:
jBCrypt is a Java implementation of OpenBSD's Blowfish password hashing code, as described in A Future-Adaptable Password Scheme by Niels Provos and David Mazières, by Damien Miller.
License:
ISC/BSD LicenseFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.mindrot/jbcrypt/pom.xml
License:
Apache License Version 2: http://www.apache.org/licenses/LICENSE-2.0File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.mortbay.jetty/jetty-sslengine/pom.xml
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-310 Cryptographic Issues
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Vulnerable Software & Versions: (show all)
Description: JSP2.1 Jasper implementation from Glassfish
License:
CDDL 1.0: https://glassfish.dev.java.net/public/CDDLv1.0.htmlFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.mortbay.jetty/jsp-2.1/pom.xml
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-310 Cryptographic Issues
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP Snoop page in Mort Bay Jetty 6.1.x through 6.1.21 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) jspsnoop/, (2) jspsnoop/ERROR/, and (3) jspsnoop/IOException/, and possibly the PATH_INFO to (4) snoop.jsp.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-20 Improper Input Validation
Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator, related to (1) a string value in the Age parameter to the default URI for the Cookie Dump Servlet in test-jetty-webapp/src/main/java/com/acme/CookieDump.java under cookie/, (2) an alphabetic value in the A parameter to jsp/expr.jsp, or (3) an alphabetic value in the Content-Length HTTP header to an arbitrary application.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to jsp/dump.jsp in the JSP Dump feature, or the (2) Name or (3) Value parameter to the default URI for the Session Dump Servlet under session/.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure
The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote attackers to obtain sensitive information about internal variables and other data via a request to a URI ending in /dump/, as demonstrated by discovering the value of the getPathTranslated variable.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before 6.1.17 allows remote attackers to inject arbitrary web script or HTML via a directory listing request containing a ; (semicolon) character.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.
Vulnerable Software & Versions: (show all)
Description: JSP2.1 API
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.mortbay.jetty/jsp-api-2.1/pom.xml
MD5: b4ccdf2e4c0c6ced943fab17708066ec
SHA1: a10225cbf0db34ae6965e585b51337bccfb8f9d0
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-310 Cryptographic Issues
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP Snoop page in Mort Bay Jetty 6.1.x through 6.1.21 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) jspsnoop/, (2) jspsnoop/ERROR/, and (3) jspsnoop/IOException/, and possibly the PATH_INFO to (4) snoop.jsp.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-20 Improper Input Validation
Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator, related to (1) a string value in the Age parameter to the default URI for the Cookie Dump Servlet in test-jetty-webapp/src/main/java/com/acme/CookieDump.java under cookie/, (2) an alphabetic value in the A parameter to jsp/expr.jsp, or (3) an alphabetic value in the Content-Length HTTP header to an arbitrary application.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to jsp/dump.jsp in the JSP Dump feature, or the (2) Name or (3) Value parameter to the default URI for the Session Dump Servlet under session/.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure
The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote attackers to obtain sensitive information about internal variables and other data via a request to a URI ending in /dump/, as demonstrated by discovering the value of the getPathTranslated variable.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before 6.1.17 allows remote attackers to inject arbitrary web script or HTML via a directory listing request containing a ; (semicolon) character.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.
Vulnerable Software & Versions: (show all)
Description: Servlet Specification 2.5 API
License:
CDDL 1.0: https://glassfish.dev.java.net/public/CDDLv1.0.htmlFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.mortbay.jetty/servlet-api-2.5/pom.xml
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-310 Cryptographic Issues
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP Snoop page in Mort Bay Jetty 6.1.x through 6.1.21 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) jspsnoop/, (2) jspsnoop/ERROR/, and (3) jspsnoop/IOException/, and possibly the PATH_INFO to (4) snoop.jsp.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-20 Improper Input Validation
Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator, related to (1) a string value in the Age parameter to the default URI for the Cookie Dump Servlet in test-jetty-webapp/src/main/java/com/acme/CookieDump.java under cookie/, (2) an alphabetic value in the A parameter to jsp/expr.jsp, or (3) an alphabetic value in the Content-Length HTTP header to an arbitrary application.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to jsp/dump.jsp in the JSP Dump feature, or the (2) Name or (3) Value parameter to the default URI for the Session Dump Servlet under session/.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure
The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote attackers to obtain sensitive information about internal variables and other data via a request to a URI ending in /dump/, as demonstrated by discovering the value of the getPathTranslated variable.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before 6.1.17 allows remote attackers to inject arbitrary web script or HTML via a directory listing request containing a ; (semicolon) character.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive.shims/hive-shims-0.20/pom.xml
MD5: 3aa2cb1fd8b7fe158b9e9ab9ac76037f
SHA1: dbc88f6415550e01bce27ab43f366496c4a83c58
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive.shims/hive-shims-0.20S/pom.xml
MD5: b95df0debb5a2865075a4033f7134d5d
SHA1: 0bd26e1e7e563c8d8bed30ccada76e125d15843b
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive.shims/hive-shims-0.23/pom.xml
MD5: 833c7b0f08880687d1f2b734d851a13d
SHA1: ef9c9c38a7ae89c209fede3a656b0af19e1b1dbe
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive.shims/hive-shims-common-secure/pom.xml
MD5: 98210389b3f9d724fc26cc8375e3ebec
SHA1: 167ad061b4db1ef8d0e62f34ffbaa0e10471102a
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive.shims/hive-shims-common/pom.xml
MD5: a43cc983bce1f6e15696187734454ef6
SHA1: 1723a54c7997a474cf222f332096d4f3ccee6cb2
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive/hive-ant/pom.xml
MD5: b15c8ef860a0bb9c43a1906aefc0f088
SHA1: 686153e5af70d03f6fb5d0176f09266c3ae7eaf4
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive/hive-common/pom.xml
MD5: 8b026135bd07843013f1ca87fdda47b9
SHA1: eaddc9f39cffb2c34ab1efcc9c3399cebfdcd3ee
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive/hive-exec/pom.xml
MD5: d456e7c85156871e47f854447494f618
SHA1: aaa9e124f51d5a15c932b8f070f265681ce6bea0
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive/hive-metastore/pom.xml
MD5: af4a34eba76542750fe9f4a2c7b1c5c7
SHA1: 722c5ecbdd47655681ec2b69ab84d7ce2b8980df
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive/hive-serde/pom.xml
MD5: 7a37a6d667ea20a4ba632ca0fd49a45f
SHA1: 119f6b43cab071ff8a8c5341aa18c7b9185e64bf
File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.hive/hive-shims/pom.xml
MD5: 6b69b88499a7df409a89f04660645cce
SHA1: 1a4a744e40bf4b6d233cb3175ffd5263a4f7938e
Description:
Protocol Buffers are a way of encoding structured data in an efficient yet
extensible format.
License:
New BSD license: http://www.opensource.org/licenses/bsd-license.phpFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.spark-project.protobuf/protobuf-java/pom.xml
Description: A Java library for the Twitter API
License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.twitter4j/twitter4j-core/pom.xml
Description: A Java library for the Twitter API
License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.twitter4j/twitter4j-stream/pom.xml
Description: YAML 1.1 parser and emitter for Java
License:
Apache License Version 2.0: LICENSE.txtFile Path: /Users/skinzer/Documents/Github/spark/examples/target/scala-2.10/spark-examples-1.5.0-SNAPSHOT-hadoop2.4.0.jar/META-INF/maven/org.yaml/snakeyaml/pom.xml
File Path: /Users/skinzer/Documents/Github/spark/examples/target/spark-examples_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: f90119cfd80e7e2c31ec0b8e7ebde732
SHA1: 84458cddee21cdd2919d36e943b521cdcb19e674
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/examples/target/spark-examples_2.10-1.5.0-SNAPSHOT.jar
MD5: d6a1532517284ebabac8dee61e722a77
SHA1: c040e499adbbd2dca4ffd06d878fc4dc600555bf
File Path: /Users/skinzer/Documents/Github/spark/external/flume-assembly/target/scala-2.10/spark-streaming-flume-assembly-1.5.0-SNAPSHOT.jar
MD5: b2b2c7a9ad30864d2e11da8cb8c90a9e
SHA1: 4746c1b8f71776ab292d661da864d34f5e995003
Description:
The Commons IO library contains utility classes, stream implementations, file filters, file comparators and endian classes.
File Path: /Users/skinzer/Documents/Github/spark/external/flume-assembly/target/scala-2.10/spark-streaming-flume-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/commons-io/commons-io/pom.xml
MD5: ad0a3f750e11b2e41f981dd0a915315a
SHA1: bee5c8a3061394d39f7df1e38d25028edac7cdd9
Description:
Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
File Path: /Users/skinzer/Documents/Github/spark/external/flume-assembly/target/scala-2.10/spark-streaming-flume-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/commons-lang/commons-lang/pom.xml
MD5: fab2a53ef100a546fe83f1bf1840f58c
SHA1: 4fca8db5890f26627b09ab48d8888256ccb38dbb
File Path: /Users/skinzer/Documents/Github/spark/external/flume-assembly/target/spark-streaming-flume-assembly_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 51fb49467dff6e90c248570504579e3c
SHA1: 5aa52128f4b945e9958dd6c5f040b971a4b14aff
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/flume-sink/target/original-spark-streaming-flume-sink_2.10-1.5.0-SNAPSHOT.jar
MD5: ebb133bd1fd7723d838b0c4e951bd729
SHA1: 94c05dc5de5ee3a3ed1c54937664b58cc27b1c29
File Path: /Users/skinzer/Documents/Github/spark/external/flume-sink/target/spark-streaming-flume-sink_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: db0917eddefd12db326dc76d55be22d5
SHA1: 7e94e6c5a37809333356ee9590d8e8f64f75ffaa
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/flume-sink/target/spark-streaming-flume-sink_2.10-1.5.0-SNAPSHOT.jar
MD5: a849f5df973d926be032fa057d7d59dd
SHA1: 22c5f331da66ae6e4eb6a181dd0749ecc7e128e5
File Path: /Users/skinzer/Documents/Github/spark/external/flume/target/original-spark-streaming-flume_2.10-1.5.0-SNAPSHOT.jar
MD5: 516517ac6505e6124a0a8383f20c7892
SHA1: 63699d659bb4f5023ab59d24e7462526398b22b5
File Path: /Users/skinzer/Documents/Github/spark/external/flume/target/spark-streaming-flume_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 5199cd7e2b62071ccd62994b5443af55
SHA1: 3ea70e930bbeb33ad1fe2a06937c065d9260403c
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/flume/target/spark-streaming-flume_2.10-1.5.0-SNAPSHOT.jar
MD5: 4724abec0bdb3253badeac8e2860832c
SHA1: 25d2d5d4dffd379065c737271c04b59cd9b005c1
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar
MD5: 3a863f52084c5ee1bfb22ef9bc9e6523
SHA1: f5e734a7c7db0d11cbcafed6e92b7a459e0a0fa6
Description: Apache Hadoop Annotations
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-annotations/pom.xml
MD5: 4d2542a81a2b27f600391c0febd71ee9
SHA1: b6d6cd61e36ce09057f3c36ad81dc8f6496900fb
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
Description: Apache Hadoop Auth - Java HTTP SPNEGO
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-auth/pom.xml
MD5: fa09293acde265ef01e154106779698b
SHA1: 931c54abe85cad6268d40bcdc47b80ca9a2a4991
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
Description: Apache Hadoop Client
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-client/pom.xml
MD5: f96d989215077e8d51106b631059cbc0
SHA1: f9f0eaf26399fd6944fb3002a974982920f5527d
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
Description: Apache Hadoop Common
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-common/pom.xml
MD5: 59beb58af244e253202deec3debdfadf
SHA1: 4734f5abb0b3687e315c36fcce5744f78a400a1d
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
Description: Apache Hadoop HDFS
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-hdfs/pom.xml
MD5: 8d3715d421aa0abf68a3ba2b9e010236
SHA1: 33706b9f6d4ccc9c613869c8f368700af6f6ab35
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-mapreduce-client-app/pom.xml
MD5: f741e8b256eecf57affd1f03a5c44b4e
SHA1: ff7cb0f9ef6b4d00259f2eb340ea4cc4713bcae7
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-mapreduce-client-common/pom.xml
MD5: 9a9ab9a51727cfd8640c32ec56a1c36f
SHA1: 5fa81348405fede39f11027de63db865c7ed909d
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-mapreduce-client-core/pom.xml
MD5: 4f590cca006f835c9d2bbb129daaee04
SHA1: 90af3300bfa54d833213a574db724b0df4655487
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-mapreduce-client-jobclient/pom.xml
MD5: dd0051bd4183661f7e5408c96ad7ae5e
SHA1: b9d3bce37c283d58aabe5018cfc2b874e7719d8d
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-mapreduce-client-shuffle/pom.xml
MD5: e1ec37fd6718c38172f6051bda4e561a
SHA1: 973a784b4531fbe7591fec35ae40f7974dd8fe31
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-yarn-api/pom.xml
MD5: 8e63d77030ec9b25808634205ef4d980
SHA1: 8dcc9ea183c03bea22bb02940ab6b9e1ac2d8534
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-yarn-client/pom.xml
MD5: 1322c8b80f403002d434327aca1db96c
SHA1: 01197e1ce661d6d925c571a437bf7f7ea80f75e0
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-yarn-common/pom.xml
MD5: ae086ffaea90a6bd7dd565ce7120d599
SHA1: 22ee4dda98e81e8f77d73521793a738e61d5d5c8
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/scala-2.10/spark-streaming-kafka-assembly-1.5.0-SNAPSHOT.jar/META-INF/maven/org.apache.hadoop/hadoop-yarn-server-common/pom.xml
MD5: 6332d524403fecb6929162f5f45a06d7
SHA1: 3dc8f62e0594e9f955c7692d7561e74e79eb6f37
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka-assembly/target/spark-streaming-kafka-assembly_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: e9612f4efb7470d75df2e451e5dd13a3
SHA1: fe7b92b2e85e223257cac6ed38979073249e3454
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka/target/original-spark-streaming-kafka_2.10-1.5.0-SNAPSHOT.jar
MD5: 851867a7add46fea985f34c144b5aa55
SHA1: 92dd632956e12bf34b9336362448199914ebd05d
File Path: /Users/skinzer/Documents/Github/spark/external/kafka/target/spark-streaming-kafka_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 598ee1645d921e5f059e51e34b53b9b2
SHA1: eeb2a27da7b4c00b14f1d347e7a0066a638460aa
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/kafka/target/spark-streaming-kafka_2.10-1.5.0-SNAPSHOT.jar
MD5: 190c30bc956f32bd52ee4aaeee3584c6
SHA1: 4d4fa6bfe309173af4d13185699fcdeed742eede
File Path: /Users/skinzer/Documents/Github/spark/external/mqtt/target/original-spark-streaming-mqtt_2.10-1.5.0-SNAPSHOT.jar
MD5: 1d24156a364e2fd6189ba229a52a5e19
SHA1: 12ec0f028e82142a52702ce3d9877abc3950eef2
File Path: /Users/skinzer/Documents/Github/spark/external/mqtt/target/spark-streaming-mqtt_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 80a6a6a878904ae243f2770debbdfbfe
SHA1: 2996c489fecb7da39534a47534fcff539ae3c414
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/mqtt/target/spark-streaming-mqtt_2.10-1.5.0-SNAPSHOT.jar
MD5: 3104473fc60f4a096c33f573f99e2dc6
SHA1: eaaf061a358fddc17cfed2d022e0926de3c006a8
File Path: /Users/skinzer/Documents/Github/spark/external/twitter/target/original-spark-streaming-twitter_2.10-1.5.0-SNAPSHOT.jar
MD5: 99ef593eff669e62046bb381dcfa436d
SHA1: 81d4666bc04e4de4574645835567642bd824ab69
File Path: /Users/skinzer/Documents/Github/spark/external/twitter/target/spark-streaming-twitter_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 7bd035ee2f3349439e8cd03b5c40d0d3
SHA1: a92e525f4462e5b0e0f8b1b45ee0ae2456795aea
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/twitter/target/spark-streaming-twitter_2.10-1.5.0-SNAPSHOT.jar
MD5: e1995e0321708a896eea4caab2c47df3
SHA1: 3f68c362f088c3d4a7b436ed9b764d5d7449e4ff
File Path: /Users/skinzer/Documents/Github/spark/external/zeromq/target/original-spark-streaming-zeromq_2.10-1.5.0-SNAPSHOT.jar
MD5: 68fce9ede4b89cbfe29f71a5fbcbd14a
SHA1: 25942f2f35b15235cae755e70e3517f537d28303
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-20 Improper Input Validation
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMPT v3 protocol security mechanisms via a ZMTP v2 or earlier header.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/zeromq/target/spark-streaming-zeromq_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 6c6d4d6e561274f46d6a6fa127290b5a
SHA1: f4a388c43a9790398b23db5c571db92f3e8c4527
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-20 Improper Input Validation
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMPT v3 protocol security mechanisms via a ZMTP v2 or earlier header.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/external/zeromq/target/spark-streaming-zeromq_2.10-1.5.0-SNAPSHOT.jar
MD5: afb91bed5e03a7a03b8a4e5710ecb551
SHA1: e422891ec7f90087af86432761f5d7b265263072
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-20 Improper Input Validation
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMPT v3 protocol security mechanisms via a ZMTP v2 or earlier header.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/graphx/target/original-spark-graphx_2.10-1.5.0-SNAPSHOT.jar
MD5: 27bc3c33abbc4ac6f6029206f4f16b5a
SHA1: 26672f2933168ef0e4d8e5be2a16e3dbf3d7eaaa
File Path: /Users/skinzer/Documents/Github/spark/graphx/target/spark-graphx_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: fb5ff686fc3abf1c71ad0bb1182f5291
SHA1: 195d8c54d55878239f9cf18dd1b1757409dc16b5
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/graphx/target/spark-graphx_2.10-1.5.0-SNAPSHOT.jar
MD5: 0898737bff8347e6479b8268cc6860f6
SHA1: f48723ff73c004b74b77edf5bc570c4b1a8e6b63
File Path: /Users/skinzer/Documents/Github/spark/mllib/target/original-spark-mllib_2.10-1.5.0-SNAPSHOT.jar
MD5: 57b430df5e3ea6578b83d6bb6e138371
SHA1: b8d92376819bf0cc7d9a2d852e1c2c52ce976d90
File Path: /Users/skinzer/Documents/Github/spark/mllib/target/spark-mllib_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: c8b11e859e5296c783982c6759d0428f
SHA1: 18f6545093373800843d6190ed5e614c768090a2
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/mllib/target/spark-mllib_2.10-1.5.0-SNAPSHOT.jar
MD5: 39a39c457aa106da13927d0c9eb8af98
SHA1: 486a38181d2d656551e7d11b1a989d5c1bf54d9b
File Path: /Users/skinzer/Documents/Github/spark/network/common/target/original-spark-network-common_2.10-1.5.0-SNAPSHOT.jar
MD5: 085dc4d166c78bb7677bfa5d8edde6aa
SHA1: f5899d470e3940b71bdbe86a3fed0e87496ba250
File Path: /Users/skinzer/Documents/Github/spark/network/common/target/spark-network-common_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 18f9b5ee508216b59628f9ac992671c4
SHA1: 02e41fe22ae408863881c79596a3142c0b7ca04f
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/network/common/target/spark-network-common_2.10-1.5.0-SNAPSHOT.jar
MD5: bbfa977d158c521b6f2edff3e22fceb6
SHA1: 129cb76aedeb8023b55a9289a9a0e0e4d711621e
File Path: /Users/skinzer/Documents/Github/spark/network/shuffle/target/original-spark-network-shuffle_2.10-1.5.0-SNAPSHOT.jar
MD5: f20b7bc1f4a7c6eef5cd1b46a1e940da
SHA1: 06e3c73791a85a0886fe163bd7f1a4ec06d1611a
File Path: /Users/skinzer/Documents/Github/spark/network/shuffle/target/spark-network-shuffle_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: be59b819d285cd15e5f49f1571c933e2
SHA1: 668195edc283664d54cd38c563adacefe4d2d729
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/network/shuffle/target/spark-network-shuffle_2.10-1.5.0-SNAPSHOT.jar
MD5: 57a9a705c571da567cc810d7e2f40a89
SHA1: 6b5766b9f5724be79023cbc5d1434c242c4be1be
File Path: /Users/skinzer/Documents/Github/spark/network/yarn/target/scala-2.10/spark-1.5.0-SNAPSHOT-yarn-shuffle.jar
MD5: f373eb1a15d98a22d2c4ea02a0df05af
SHA1: 492e039810704611181a739e00d11baf0f3a4579
File Path: /Users/skinzer/Documents/Github/spark/network/yarn/target/spark-network-yarn_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 8dc3482382e6ec3c2c79f34165138dfa
SHA1: 0b13f1308e8b1a067e7e31c18f9ada287fd63583
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/network/yarn/target/spark-network-yarn_2.10-1.5.0-SNAPSHOT.jar
MD5: f918a8342423ec4257ffbff551de2460
SHA1: bfa3a8fccb8ec57d7448a8011a7f991efa616099
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/async/package.json
MD5: 3213bc73533e01af5c0929f0ce8c260d
SHA1: d13e3b80fc24496b107235e4acd63c5863fa60e1
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/builtins/package.json
MD5: e2e277e4898f10b0f6479b27ce856c2d
SHA1: b11fc8654be6eecde24e24139cbee8ab7c4b340c
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/debug/node_modules/ms/package.json
MD5: 25228288448ee0c357a88720129a4df7
SHA1: 485a08a554e3cefa310d73f250d160063f415c86
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/debug/package.json
MD5: 3eb22db5ba6df0524e7c662855e6ee53
SHA1: 1c768ee7e873baff74ba90cbffd6f8ed31688406
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/acorn/package.json
MD5: 7f6a2f76dca1b86f44b5c1c2afbc6409
SHA1: 5b59f12434039bae199d002d8e346d4bd43829c6
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/defined/package.json
MD5: 6abbe88be9c297a21d7308dd71ed4c34
SHA1: 8cf12174407f151b5b7764e4494f853620432070
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/esprima/package.json
MD5: 9c83f94b7d5e1748d70e73dbb3397ee0
SHA1: 34bfa51adb0122bf474f198b3bd17d7814266a56
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/estraverse/package.json
MD5: 864d6aad116a486728551b23164a1308
SHA1: ba2d9085850290d753ad9fca9223e5cd11a23606
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/esutils/package.json
MD5: f12c5ac219595b6e1dfcd41fccb160b4
SHA1: ce079674ae68bc4cb5b76e45ddac4d8b36254618
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/optionator/node_modules/deep-is/package.json
MD5: 0d38cd096bb69883a8604b6ccdba55b2
SHA1: 260f4bee20e45aea30fcd3c183a1ab0d96e947ae
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/optionator/node_modules/fast-levenshtein/package.json
MD5: 1ffdc7fbb717b33eb87f9a7b6b8f4acb
SHA1: 43736a52c978328d59d21b15d47f40fc1e241f95
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/optionator/node_modules/levn/package.json
MD5: 7b9f448aa6bd9d204ca0b04cae9ffb3b
SHA1: 1fd1999a897393de9c2d3ed47d6f9505507e2c50
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/optionator/node_modules/prelude-ls/package.json
MD5: 45ad6e0dc8b5da955d35de0a7479dc22
SHA1: 1414cbbd2b0453388a33edd089d7fc1505806fb9
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/optionator/node_modules/type-check/package.json
MD5: 6146f8d6f79c6e775196f0921f2b173d
SHA1: 2108dbd209aa9eca263e89da2b441af6ac18bc78
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/optionator/node_modules/wordwrap/package.json
MD5: 0f90000580743c2dbd56abeaa535b2ce
SHA1: 8fb08f1b8e8e59773f307d76363e60ce2518a698
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/optionator/package.json
MD5: 03763f4ab606c8f0677d579183f18be9
SHA1: b19ab72dd041b85527bfb2fece398e0a5fe16abd
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/source-map/node_modules/amdefine/package.json
MD5: d49e33403a2ec884876ce724dffca8a6
SHA1: 0d4789cca64325d59f348868eb6a9d577ee97360
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/node_modules/source-map/package.json
MD5: be63eed672002f6ff655003a7d339203
SHA1: dbc4805b8c8392c13b4b4dad1aa43950176e4349
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/node_modules/escodegen/package.json
MD5: 88d732a379aec237db58db28adae5b84
SHA1: 14cde359ae1805facbd3c12c6129aede3f9d45cb
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/detective/package.json
MD5: d22faf667210552385be6ecd66544ae9
SHA1: c9195d6a042da7b090cd02130348dae13bc1f882
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/is-relative/node_modules/is-unc-path/node_modules/unc-path-regex/package.json
MD5: 21cfbad87f37da867f63f7ee575dfe26
SHA1: 1af10deb3cf24f072b7e8e0331441cc766f9d411
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/is-relative/node_modules/is-unc-path/package.json
MD5: 556fb60698412ebfb7ac90256192f82c
SHA1: cde33238d43937a4e5cf0aa75a77bbe2e511e0ed
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/is-relative/package.json
MD5: d73f4645902b8ec19f3061dbbe97209a
SHA1: 24440c0b7654f2c769839cc8620bc87e6a1f5ff6
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/minimist/package.json
MD5: 38c8fa764477e96fb9de6fa3fad9132d
SHA1: e815269679fb2981be8bbad891581d4fa52db379
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/glob/node_modules/inflight/node_modules/wrappy/package.json
MD5: 1908931e9fea1fa2e03a4389659311f4
SHA1: 47f9e1e20d6520ac14ecdaa0ba5cfa04085edef2
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/glob/node_modules/inflight/package.json
MD5: ffde897685985fa143b66e1cacc68728
SHA1: b447b18cbe43947489c490e5cf389d8eee2b2537
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/glob/node_modules/inherits/package.json
MD5: fdd506d1c25df43113b7d6fd3184c96d
SHA1: 412dc9f1fc36566c8ed73232bb19812d6fbe8a94
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/node_modules/balanced-match/package.json
MD5: 6bd4a90109ae7784417eac9a9b97dc59
SHA1: 42d2c1a0a733b1ff1f7950288a21d93848a1bb89
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/node_modules/concat-map/package.json
MD5: f73717e5dc3969f47fd89ff934c3bbac
SHA1: b51ab88c80d8689ee048f47bddcc2fe76b1d9955
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/package.json
MD5: a3fc0c2fa8f073f3bce47d6afa1f97d3
SHA1: c6d1cb25f8679d54eeba07cc0248ee456b0750ce
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/package.json
MD5: a1822e398c8766efe50edc991eb9efea
SHA1: fd1155ac9da5a0aa46b0ed21c8106498049d4c2e
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/glob/node_modules/once/package.json
MD5: e169964bb66dc927a8fd01d638005169
SHA1: b110abfafbac9dcaa9a49bb8284da231a17db20b
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/glob/node_modules/path-is-absolute/package.json
MD5: 1d5aefb0fa4137367222a913fa6f3a82
SHA1: 3fd4a39c29ad3f31089d694df8a30995dd317720
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/glob/package.json
MD5: e25598f6422b7634972a7c91005ea688
SHA1: 367f0a9579530bc64eb895033318a56ee1b4192d
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/graceful-fs/package.json
MD5: fdd3de190a40ec47da27a6074be697fc
SHA1: 621fa6def0fa027d986e50dda1e2b80a6ebb04f9
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/json-parse-helpfulerror/node_modules/jju/package.json
MD5: 9bac4d6747ec9174b8912d78670ec18a
SHA1: 813a905f29f4d6b59034c348fe635d661fa31d16
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/json-parse-helpfulerror/package.json
MD5: d3cee7f6f1a19b764525fc6f77a2d111
SHA1: 30f0bce862b295eb2846bbee7e54e56c3e3bb189
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/normalize-package-data/node_modules/github-url-from-git/package.json
MD5: 317823514bf0c09ca5fd4d3e9d5ed098
SHA1: 5cabf04b311b8cde12e1153d820427f6fa578b37
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-20 Improper Input Validation
The imap-send command in GIT before 1.8.1.4 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
Vulnerable Software & Versions:
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls
The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/normalize-package-data/node_modules/github-url-from-username-repo/package.json
MD5: de9fbaeeb873b458d9474555a5ad15cb
SHA1: d9339991a7b919b34bd2278787c29d80ddd03d44
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/normalize-package-data/node_modules/semver/package.json
MD5: fb0221eae94b081dfb52929f60409db2
SHA1: c4e3ab0a688b3ee9fb2110cee672e692e4627034
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/node_modules/normalize-package-data/package.json
MD5: b1f149afbdd985fded598b08a9c2e7ca
SHA1: 0dbac02be11d9e8cbb977517bb0ba4c55d3a2d14
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/package.json
MD5: dcab276f887434ff18e2be69655c5fad
SHA1: 24077b03cc187b16b39c5428b3ea75bb9398e836
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/read-package-json/test/fixtures/readmes/package.json
MD5: 4022b2eeeb4f43ae0932d8eb0b76590d
SHA1: ed12b248aac11501eb68d31f49602ebfbcf00892
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/resolve/package.json
MD5: e12e2cb21a434e2cecf55678058a361c
SHA1: 4c440249b99b0f3ab58e855074b1a5635d978a01
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/resolve/test/module_dir/zmodules/bbb/package.json
MD5: 4a3e4b65131149d13cf2a9006879a030
SHA1: 3d33fb74a6cd3a549dbae1cbe22a7c2f337f978e
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/resolve/test/resolver/baz/package.json
MD5: b8f6d3d8e5f2bb228651f46802b5313f
SHA1: 54931d5f8e2eeaf618a6f621ba26554ec56395bb
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/resolve/test/resolver/biz/node_modules/garply/package.json
MD5: 09ca018fe18fe43dd608a04921701174
SHA1: d5e686ccafe95b49e0a490a87b48806dc9e0f414
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/node_modules/resolve/test/resolver/incorrect_main/package.json
MD5: fe101c637e183031c241381b78b50f9a
SHA1: fd4f09f8d82645ce1701105eff34bf2e494c5496
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/package.json
MD5: 4a0545f5372cda3960bdc04babb81b0b
SHA1: 9f14c574c0ce0344408246a0e90e65b525edfa2f
File Path: /Users/skinzer/Documents/Github/spark/node_modules/dependency-check/test/package.json
MD5: 381f09f5887bc49542a1bfc8386c9c4e
SHA1: b91c98e1e17fb45c9cb637e30a392d2e7ddd16ff
File Path: /Users/skinzer/Documents/Github/spark/python/lib/py4j-0.8.2.1-src.zip/py4j/__init__.py
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
File Path: /Users/skinzer/Documents/Github/spark/python/pyspark/__init__.py
MD5: 6fad4bf6f7a082625088984471ecd592
SHA1: ad96c83350559dfecab5b4b4e4399500ff12ed75
File Path: /Users/skinzer/Documents/Github/spark/R/pkg/inst/test_support/sparktestjar_2.10-1.0.jar
MD5: 008b9ab46af35b5ed0d8c5b23f5c65d8
SHA1: 67eeec18c1fd6e18bb7b24a01f46cc059ef71de3
File Path: /Users/skinzer/Documents/Github/spark/repl/target/original-spark-repl_2.10-1.5.0-SNAPSHOT.jar
MD5: 8c3f0c5df46e994f6ac5b426a3e76d7b
SHA1: 8814d359abed886133cd1891619986f9b26ffba1
File Path: /Users/skinzer/Documents/Github/spark/repl/target/spark-repl_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 07c8caf02cb80379fa8f958634085db2
SHA1: 9d54245d9b20883e86bc44cbefe69aabf9746ead
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/repl/target/spark-repl_2.10-1.5.0-SNAPSHOT.jar
MD5: 657761faf8a8cebe0f86860f2c02bb7f
SHA1: 95e029e69adfd5a521fd36e68188a07132b025e6
File Path: /Users/skinzer/Documents/Github/spark/sql/catalyst/target/original-spark-catalyst_2.10-1.5.0-SNAPSHOT.jar
MD5: 479f0d0208aa7a22cde9ed1c0375b167
SHA1: 2200e0393c1769a2a0f511ba92dbbeb662017649
File Path: /Users/skinzer/Documents/Github/spark/sql/catalyst/target/spark-catalyst_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: d81d89ec3492d37745b295ff96ac8816
SHA1: 836ed8620760c06c5d018caf2fc838424a902440
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/sql/catalyst/target/spark-catalyst_2.10-1.5.0-SNAPSHOT.jar
MD5: 290c403f51e51c7e6a743ee74c4a6985
SHA1: e8a539a5bf7d0b27d3a7d1caf2839f95cee5762e
File Path: /Users/skinzer/Documents/Github/spark/sql/core/target/original-spark-sql_2.10-1.5.0-SNAPSHOT.jar
MD5: 9b8a31a91db762b84c2e588aab42f07a
SHA1: 68ae7230903db0309bc7d680e491623a866eb00b
File Path: /Users/skinzer/Documents/Github/spark/sql/core/target/spark-sql_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 96c9d32d9a990b96a5fef908163fcc50
SHA1: 3f4531032a20c75c8c6322c0e9b34077165ba92d
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/sql/core/target/spark-sql_2.10-1.5.0-SNAPSHOT.jar
MD5: 7f33dc67a04539949ae2e85af464539c
SHA1: 3f86bdb30fb966af1256817ac358aa72f464ab7f
File Path: /Users/skinzer/Documents/Github/spark/sql/hive/target/original-spark-hive_2.10-1.5.0-SNAPSHOT.jar
MD5: 79d9429b03ef4b212871db1e8e539c77
SHA1: c917fafabffdff9fc522269852457aaaf1082c5d
File Path: /Users/skinzer/Documents/Github/spark/sql/hive/target/spark-hive_2.10-1.5.0-SNAPSHOT-test-sources.jar/data/files/TestSerDe.jar
MD5: 9b7b74336ead0b926125a06e610bdf45
SHA1: 00ab8d11b4cf07d7ce6af70f05f960713c5efc7c
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)
CWE: CWE-284 Improper Access Control
Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI.
Vulnerable Software & Versions:
File Path: /Users/skinzer/Documents/Github/spark/sql/hive/target/spark-hive_2.10-1.5.0-SNAPSHOT-test-sources.jar/hive-hcatalog-core-0.13.1.jar
MD5: 92a0fa9aa9a3fe40237e5616b8f7ea6f
SHA1: 6fc5336cb310503cae2e74db6c8210090c38c254
File Path: /Users/skinzer/Documents/Github/spark/sql/hive/target/spark-hive_2.10-1.5.0-SNAPSHOT-test-sources.jar/regression-test-SPARK-8489/test.jar
MD5: c281d8a683f37253c04916321c8a6a36
SHA1: 65f4a67c028d1f93aeca01c7dda29e8660c87478
File Path: /Users/skinzer/Documents/Github/spark/sql/hive/target/spark-hive_2.10-1.5.0-SNAPSHOT-test-sources.jar/TestUDTF.jar
MD5: bfe6c020332c3b255e807d36c24b6e78
SHA1: b2e91db5c8f08472124ea5caf8fab08295fd435b
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:P/I:N/A:N)
CWE: CWE-284 Improper Access Control
Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI.
Vulnerable Software & Versions:
File Path: /Users/skinzer/Documents/Github/spark/sql/hive/target/spark-hive_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: a7f8cb4418aa53d6ab5d07e879747a07
SHA1: cd9c2b57464140db53705fff0d8988cd46022ac3
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/sql/hive/target/spark-hive_2.10-1.5.0-SNAPSHOT.jar
MD5: 3475580f7d0d382cddf5664c8190f7ed
SHA1: 04e12fbb077d90bf1f3934347971839a85ec4979
File Path: /Users/skinzer/Documents/Github/spark/streaming/target/original-spark-streaming_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 0662ed4d345815046ce211d6ed3fbe65
SHA1: 1b20ac8850fab96e764c995d2b68d2f0f1ed73a0
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/streaming/target/original-spark-streaming_2.10-1.5.0-SNAPSHOT.jar
MD5: 2c707ff0be63191d13dea95b7f15e2db
SHA1: f028cd9bbbc526a54830566cc6531214f722c28d
File Path: /Users/skinzer/Documents/Github/spark/streaming/target/spark-streaming_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 525c3bf43f916f978cf05ba3f222e01e
SHA1: 4a701db06e3e7f501290d96a5ad563d8a4ed4253
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/streaming/target/spark-streaming_2.10-1.5.0-SNAPSHOT.jar
MD5: f5d355a9ffb3906d50773a8c18d36c90
SHA1: 9436fdb752de1ed52974f561ba6061861c9363b0
License:
Apache 2.0 License: http://www.apache.org/licenses/LICENSE-2.0.htmlFile Path: /Users/skinzer/Documents/Github/spark/target/spark-parent_2.10-1.5.0-SNAPSHOT-tests.jar
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/tools/target/original-spark-tools_2.10-1.5.0-SNAPSHOT.jar
MD5: 653693c853fb96fdb59765b43d61cdef
SHA1: 63834f6533f5b9fb3aa04ea89dae11c5c07d1da8
File Path: /Users/skinzer/Documents/Github/spark/tools/target/spark-tools_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 40903c9e4fd9311d78d788cbad3bf668
SHA1: 5105ca08e6759e763997fa1cff69b347f8bb21a6
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/tools/target/spark-tools_2.10-1.5.0-SNAPSHOT.jar
MD5: ef9bc86d7fe549eaf0a7838dd65b2ef1
SHA1: 81501641ffc2ea878cc21c078c8219e28ff02f71
File Path: /Users/skinzer/Documents/Github/spark/unsafe/target/original-spark-unsafe_2.10-1.5.0-SNAPSHOT.jar
MD5: 90244dd2ee74aef96b08d617b80069ea
SHA1: bf0c1f46785b68a135a85353ab0b6f53b53d0078
File Path: /Users/skinzer/Documents/Github/spark/unsafe/target/spark-unsafe_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: abf91db620beaa19dc91d556419aa48d
SHA1: be4ec12463a60f6375e4eeb49701bfc0b8d24069
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/unsafe/target/spark-unsafe_2.10-1.5.0-SNAPSHOT.jar
MD5: 48354cd8452d17aa7c255fa4fd5acf4a
SHA1: 51751619365c7c7ecb8ff349c8b966579fb78541
File Path: /Users/skinzer/Documents/Github/spark/yarn/target/original-spark-yarn_2.10-1.5.0-SNAPSHOT.jar
MD5: fbc249e7e183b00135453fca032e8c0d
SHA1: 616fe7018ec3fbb8c0a5da19cb0514c0fb8e0e05
File Path: /Users/skinzer/Documents/Github/spark/yarn/target/spark-yarn_2.10-1.5.0-SNAPSHOT-tests.jar
MD5: 9781db2f16bb7141ea029bec450eb1cf
SHA1: ceb8980fec661eafa771fa9a7e10ca177eb6202d
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Vulnerable Software & Versions: (show all)
File Path: /Users/skinzer/Documents/Github/spark/yarn/target/spark-yarn_2.10-1.5.0-SNAPSHOT.jar
MD5: 7ddea37db8a5123c3060af1c6a01e7ae
SHA1: d381f3a79e7a7975c451a29b728c264f7a5ad1d7